Fail with NOT_COMPILED_IN if someone tries to use ConfirmSignature wi…

…th NO_ASN_CRYPT. Also default to signature failed.
wolfSSL · Aug 2, 2024 · 25d14f1 · 25d14f1
1 parent a18d016
commit 25d14f1
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
@@ -16612,7 +16612,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
     const byte* sigParams, word32 sigParamsSz,
     byte* rsaKeyIdx)
 {
-    int ret = 0;
+    int ret = ASN_SIG_CONFIRM_E; /* default to failure */
 #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     CertAttribute* certatt = NULL;
 #endif
@@ -17749,8 +17749,8 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
 exit_cs:
 
 #else
-    /* Warning: The NO_ASN_CRYPT option skips signature checking! */
-    ret = 0; /* allow unchecked signature */
+    /* For NO_ASN_CRYPT return "not compiled in" */
+    ret = NOT_COMPILED_IN;
 #endif /* !NO_ASN_CRYPT */
 
     (void)keyOID;